Getting To It

You're now ready to look at the code that composes the UserManager component, and everything will become crystal clear. As always, I start with the remote interface. This is very similar to the OfficeManager interface in the standard methods that it provides for working with Forethought users. However, as users are a bit different than other Forethought entities, you will notice a few extra methods, as shown in the code listing in Example 8-4. In addition to providing two flavors of user creation (one with an office, and one without), there are methods to authenticate a user and to change a user's password. Both of these deal specifically with the authentication credentials of a user, and are common tasks in any application in which security is used. Of course, these are fairly trivial "pass-through" style methods, in which calls are made to the LDAPManager component to achieve the requested result.

Note that several of these methods throw a UserNotFoundException; I mentioned this class and its use in Chapter 7. However, I left the details of putting the class into use in the LDAPManager component to you, as an exercise. Here's my modified version of the isValidUser( ) method on that class, which issues this exception if authentication is attempted with a nonexistent username:

There are certainly other ways to handle this problem that return the same result, but this was the simplest I found. Since users with invalid passwords will have related resolved objects, a test against null determines if the authentication problem was in the supplied password or the supplied username. You should make an equivalent change in your own LDAPManager component before coding the UserManager's implementation class.